As computer-based technologies have evolved, conventional in-person and paper-based transactions and communications are increasingly performed electronically over networks (e.g., the internet). Although electronic communications have significantly reduced costs and improved efficiencies, they pose significant risks regarding identification and authentication of users, and integrity of data.
An electronic signature (“e-signature”) refers to data in electronic form that is associated with a record and that is used by a signatory or signing party to sign the record. An e-signature is intended to provide a secure and accurate identification method for the signatory to provide a seamless transaction to a relying party. Definitions of e-signatures vary depending on the applicable jurisdiction. For example, the United States is governed under the Electronic Signatures in Global and National Commerce Act (“ESIGN”) and the Government Paperwork Elimination Act (“GPEA”). Under the ESIGN an e-signature is defined as an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. Additionally under United States federal law, the GPEA further defines the term “electronic signature” means a method of signing an electronic message that: (A) identifies and authenticates a particular person as the source of the electronic message; and (B) indicates such person's approval of the information contained in the electronic message. Increasingly, digital signatures are used in e-commerce and in regulatory filings to implement electronic signature in a cryptographically protected way.
Digital signatures are mathematical schemes for demonstrating the authenticity of digital messages or electronic documents. A variety of cryptographic techniques are used to encrypt data and to create digital signatures. With symmetric key cryptographic systems, a pair of users who desire to exchange data securely use a shared “symmetric” key. With this type of approach, a sender of a message uses the same key to encrypt the message that a recipient of the message uses to decrypt the message. Symmetric key systems require that each sender and recipient establish the shared key in a secure manner. Public key systems may also be used to exchange messages securely. With public-key cryptographic systems, two types of keys are used—public keys and private keys. A sender of a message may encrypt the message using the public key of a recipient. The recipient may use a corresponding private key to decrypt the message.
Additionally, public key cryptographic systems (e.g., asymmetric key cryptographic systems) may be used to produce digital signatures. A recipient of a message that has been digitally signed can use the digital signature to verify the identity of the message's sender and to confirm that the message has not been altered during transit. In a typical digital signature arrangement, a sender uses a cryptographic hash function to produce a message digest. The message digest is much smaller than the original message, but is still unique to the message for practical purposes. The sender then uses the sender's private key to sign the message digest. The process of signing the message digest uses a mathematical operation that can only be performed by the sender who possesses the private key. The message and signed message digest (the “digital signature”) may then be sent to a recipient. As will be appreciated, the recipient is an entity that can use the digital signature and the message sender's public key to determine that the sender is the message signer and that the integrity of the message has not been compromised.
Biometrics can be used for human identification and authentication for physical and logical access. Logical access can include access to applications, services, or entitlements. Authentication systems require that the party that wishes to be authenticated has enrolled a biometric reference template at a biometric service provider (“BSP”) or similar entity. A biometric reference template is a digital reference of an individual's distinct characteristics obtained by processing one or more biometric samples from the individual. Biometric traits may include, for example, biological (e.g., fingerprint, iris, hand geometry, etc.) and behavioral (e.g., gait, gesture, keystroke dynamics, etc.) characteristics that reliably distinguish one person from another. Digital representations of these characteristics are stored in an electronic medium, and later used to authenticate the identity of an individual.